I am an electronics and communication engg student currently doing my 3rd year second semester. i am interested in info coding and the security aspects of it. As an ECE student i want to know what is the scope of cryptography in my field.

and i also want to know about the projects that i can take up in the field of cryptography.

2 Answers
2

Cryptography is a broad field and most of it falls naturally under computer science and math. However there are certain areas that are very much within ECE's domain. For an undergraduate project, you typically do not need to find new results, just do a good literature review and perhaps implement/duplicate some of the results.

Here are a few ideas for an ECE student:

Side-channel cryptanalysis. When a cryptographic function is implemented, the implementation itself can leak information that is useful to an attacker. On the hardware side, it could be power consumer or radiation. With an FPGA, you may purposely zap certain gates to introduce faults that may leak useful information. (Wikipedia)

Reverse-engineering chips. Sometimes vendors will implement a cryptographic function without disclosing the details of the function. There have been a number of papers on reverse-engineering RFID chips by inspecting the VLSI layout. There are tools to automatically recognize certain gates or components from images of the circuit. (Example paper)

PUFs. Physically unclonable functions use the natural variance in physical structures to implement cryptographic functions. A number of candidates for PUFs are electronic components. (Wikipedia)

Implementation and Optimization. There is usually always room for implementing a function as optimally as possible in your favourite medium. For ECE: VLSI or FPGA for example. The major functions (AES, SHA, etc) have had attention in this regard but more obscure primitives/protocols may have less attention.

Circuit-based Evaluation. One goal in cryptography is to do computation on encrypted data in a way that does not reveal the data itself. There are generally three classes: two-party computation, multi-party computation, and homomorphic computation. In two-party in particular, an approach is to represent the function being evaluated as a boolean circuit and then use a technique called "garbled circuits" to evaluate. Most researchers look at general techniques for doing this efficiently and with high security; less look at how to best represent a boolean circuit that implements are particular useful function (beyond certain toy examples like Yao's millionaire problem). (Example Paper)

Once successful apply that attack to the function allowing slightly more rounds.

Rinse/repeat step 3 until the attack n longer works or you break a finalist (unlikely).

In terms of breaking any of the finalists, I would suggest either trying a meet-in-the-middle attack or a differential attack. If your attack isn't working try modifying the hash function to make it less secure. Try to determine what design choices make the hash function resilient to your attacks and what part of the design makes it weak. How can you modify a standard attack to avoid the strong parts of the function? How could you modify the hash function to make it stronger?